security breach
Latest
Hacking ring infiltrates Trion, Nexon, and Neowiz game servers
A China-based hacking ring has infiltrated servers belonging to "dozens of online video gaming companies and stolen valuable source code over a four-year period," according to The Sydney Morning Herald. The newspaper's website says that Neowiz, Mgame, Nexon, and Trion are among the companies affected. Moscow-based security firm Kaspersky Lab is conducting an ongoing investigation into the hacking ring's activities, but has not been given full access to infected servers. Some game companies reported the presence of malicious software which suggests that the hackers manipulated virtual currencies, according to the Herald. The group, named Winnti by Kaspersky, began its current campaign in 2009 and is still active today. The Herald reports that Neowiz "did not respond to requests for comment, while Trion and Nexon declined to comment. Mgame said it had no immediate comment."
Heroes of Newerth gets hax0red
It's that special time again -- you know the one we're talking about. The time for all of us to think about our behavior and see how we measure up. It's not Santa that's come to town; it's a security breach! Heroes of Newerth's database has been infiltrated, giving someone access to account and login information. According to an announcement on the game's login page, players are "encouraged to change any passwords that were shared with [their] Heroes of Newerth account" and to not change their HoN password at this time. As everybody does at every single security breach, we'd like to reiterate the importance of using strong and unique -- more unique than strong, if you've got to pick between them -- passwords for all of your accounts. Password managers are your friends.
Rumor: Origin hacked, EA denies intrusion [Updated]
If you have created an EA Origin account for any reason, such as for Star Wars: The Old Republic or Ultima Online, we advise you to change your password posthaste. Numerous sites are reporting that hackers have breached Origin's security and are potentially modifying account information and stealing it. Allegedly affected players claim that the hackers are changing the log-in emails associated with their accounts and that the new email addresses have a Russian suffix. In response to a question about whether any accounts were compromised by hacking, an EA spokesperson made the following statement: "At this point, we have no reason to believe there has been any intrusion into our Origin database." EA has updated us with its full security statement: Anytime a player has a question about the security of his or her account or personal data, we take it very seriously and take all possible steps to help. For any customer who cannot access their Origin account for any reason, we ask them to please contact Origin Help or EA's customer experience group at help.ea.com. The robust security measures in place to protect Origin users accounts are constantly being expanded and upgraded, and we also strongly recommend customers take the protective steps of using strong passwords and changing passwords often.
Security breached in PlaySpan hack, multiple games affected [Updated]
Some MMORPGs have been affected by a security breach at PlaySpan. User IDs, encrypted passwords, and email addresses for the players of multiple unconfirmed MMOs have been compromised, according to Develop. Upon detecting the breach, PlaySpan locked all accounts and closed the PlaySpan Marketplace. The company is asking users to reset their passwords while the firm investigates the hack; it also encourages folks urges folks to reset passwords on other websites as a precaution. A PlaySpan spokesperson stated, "We sincerely apologize for any frustration or inconvenience this incident has caused our customers. We know PlaySpan's business depends on consumer trust. Security is a top priority for us, and we are redoubling our efforts to strengthen PlaySpan's overall system security." [Thanks to Chris for the tip!] [Update: We've removed EVE Online, Guild Wars, and RuneScape from the list of compromised games as they were not affected as Develop originally reported. CCP has released a statement denying that it shares customer information with PlaySpan; ArenaNet has likewise posted that it does not use PlaySpan for its games. Turbine has likewise confirmed that contrary to rumor, "Turbine game accounts are not connected to the Playspan Marketplace".]
Daily Update for September 4, 2012
It's the TUAW Daily Update, your source for Apple news in a convenient audio format. You'll get all the top Apple stories of the day in three to five minutes for a quick review of what's happening in the Apple world. You can listen to today's Apple stories by clicking the inline player (requires Flash) or the non-Flash link below. To subscribe to the podcast for daily listening through iTunes, click here. No Flash? Click here to listen. Subscribe via RSS
North American players may now update their security questions
As an update to the security breach last week, players on North American realms will now be prompted to change their security question and answer when logging in to their Battle.net accounts. The security breach included no financial information; however, answers to personal security questions were compromised, as well as some information related to Mobile Authenticators. In addition to the security question update, players may now also update their Mobile Authenticators as well. Please note, this is only in regards to North American accounts; players in Europe need to do neither of these things. And remember, if you are a North American player and have not changed the password on your account, doing so is an excellent idea. Nethaera As a precaution following our recent security update, players on North American servers please take a moment to visit Battle.net account management, where you will be prompted to change your security question as well as update your Mobile Authenticator. There you'll also find helpful tips and an FAQ, as well as instructions on how to add additional layers of security to your account, including the Battle.net Authenticator or the Mobile Authenticator for those that aren't already using one. source
Blizzard suffers security breach, encrypted passwords and authenticator data compromised
According to a recent Blizzard security update, now might be a good time cook up a new password. Blizzard's security team found that its internal network has been illegally accessed, and answers to personal security questions, authenticator data and cryptographically scrambled Battle.net passwords have found their way into the perpetrator's hands. The team is confident, however, that the compromised data isn't enough to give the attacker access to user accounts, and says that there is no evidence to suggest financial data (credit cards, billing addresses and customer names) were accessed. Blizzard President Mike Morhaine recommends that users update their passwords all the same, and we couldn't agree more. Check out his official statement at the source link below and get that Diablo III account locked down.
Blizzard internal network hacked, some Battle.net account details compromised
Blizzard Entertainment has just posted an "important security update" to its official site. The studio responsible for World of Warcraft, Diablo III, and StarCraft revealed that its security team "found an unauthorized and illegal access" into Blizzard's internal network. While Blizzard president Mike Morhaime explains that no financial data (like credit card details, real names, and billing addresses) were compromised as a result of the security breach, he does admit that emails, answers to security questions, and encrypted Battle.net passwords of North American players (and others outside of China) were accessed. "Based on what we currently know, this information alone is NOT enough for anyone to gain access to Battle.net accounts," wrote Morhaime, but the company is still investigating the breach and recommends that all players change their passwords "as a precaution."
Blizzard security breach, no evidence that financial data was compromised
Mike Morhaime, the president of Blizzard Entertainment, reported today in a blog post posted on the official Blizzard website that a list of email addresses for Battle.net users, answers to security questions, and information relating to the Mobile and Dial-in Authenticator program were illegally accessed by outsiders. The security hole has been closed, but Blizzard is officially recommending that all Battle.net users change their passwords immediately. In the coming days, players will be prompted to automatically change their security questions and update their mobile authenticator software. A FAQ is available here. The full post is below. Mike Morhaime Players and Friends, Even when you are in the business of fun, not every week ends up being fun. This week, our security team found an unauthorized and illegal access into our internal network here at Blizzard. We quickly took steps to close off this access and began working with law enforcement and security experts to investigate what happened. At this time, we've found no evidence that financial information such as credit cards, billing addresses, or real names were compromised. Our investigation is ongoing, but so far nothing suggests that these pieces of information have been accessed. Some data was illegally accessed, including a list of email addresses for global Battle.net users, outside of China. For players on North American servers (which generally includes players from North America, Latin America, Australia, New Zealand, and Southeast Asia) the answer to the personal security question, and information relating to Mobile and Dial-In Authenticators were also accessed. Based on what we currently know, this information alone is NOT enough for anyone to gain access to Battle.net accounts. We also know that cryptographically scrambled versions of Battle.net passwords (not actual passwords) for players on North American servers were taken. We use Secure Remote Password protocol (SRP) to protect these passwords, which is designed to make it extremely difficult to extract the actual password, and also means that each password would have to be deciphered individually. As a precaution, however, we recommend that players on North American servers change their password. Please click this link to change your password. Moreover, if you have used the same or similar passwords for other purposes, you may want to consider changing those passwords as well. In the coming days, we'll be prompting players on North American servers to change their secret questions and answers through an automated process. Additionally, we'll prompt mobile authenticator users to update their authenticator software. As a reminder, phishing emails will ask you for password or login information. Blizzard Entertainment emails will never ask for your password. We deeply regret the inconvenience to all of you and understand you may have questions. Please find additional information here. We take the security of your personal information very seriously, and we are truly sorry that this has happened. Sincerely, Mike Morhaime source
Eight million gamigo user accounts compromised
Last March we told you about an attack on free-to-play publisher gamigo's account services. Today The Verge reports that the security leak has resulted in the credentials of over eight million users being posted on a password-cracking website. Steve Thomas, founder of a hacking alert service called PwnedList, says the gamigo breach is "the largest leak I've ever actually seen." Compromised data include usernames, passwords, and email addresses. Users who held gamigo accounts prior to March 2012 are being encouraged to change their credentials.
Microsoft fights back against Xbox Live account threats, begs you to update your security settings
Redmond's console gaming network may not have suffered a breach of security comparable to last year's PSN fumble, but that doesn't mean it hasn't braced for impact. According to Xbox Live General Manager Alex Garden, Microsoft has made great strides in account security by taking legal action against sites who share phished usernames and passwords, enacting two-step login verification for untrusted devices and pushing fresh security updates to devices. Even so, Garden says that many of Xbox Live's account protection measures rely on member profiles being up to date, and heartily encourages users to make sure their security information is accurate. Get the word directly from the horses mouth at the source link below.
LinkedIn confirms security breach, 'some passwords' affected
Reports began swirling this morning that around six million passwords attached to LinkedIn accounts had been compromised, and after looking into the matter, the site has confirmed that "some of the passwords" attached to accounts of LinkedIn members have been affected. The network doesn't specify the number of passwords leaked, nor does it confirm the rumored count of six million. It does, however, promise that it will invalidate passwords of the hit accounts -- and vows to send an email to each affected user with instructions on how to reset their password, followed by another piece of correspondence explaining what happened. Below you'll find the company's official statement, as well as what it is doing to ensure its members are safe.
F2P publisher gamigo's account services offline after hack [Updated]
If you're a fan of gamigo's free-to-play MMO library, you may have run into some trouble accessing your account info as of yesterday. The company "detected an illegal intrusion into [its] gamigo account system," according to an official post on the Jagged Alliance forums. The hack resulted in a temporary cessation of registration, account management, and payment services. The company says that while the game servers are still up and running, "the gAS services might be down for a while." gamigo also says that it encrypts passwords and that "no access to account names and other data is confirmed." [Thanks for the tip, Tim!] [Update: gamigo has now posted a letter to its website discussing the intrusion and recommending steps players should take to reset passwords and secure their accounts.]
Mortal Online hacked, Star Vault encourages users to verify accounts
If you've got an active Mortal Onlne account, you may want to think seriously about changing your password. A new post on the sandbox title's forum describes a security breach that led to the destruction of in-game assets and account status changes. The intrusion has since been contained, according to a Star Vault GM, and "additional security is in place." The company says that customer payment information was not affected, but users are encouraged to verify their account status and passwords anyway. As to the breach itself, details are understandably scarce, but Star Vault does say that a member of the GM staff had his account compromised and his details used to carry out the aforementioned mischief. [Thanks to slapshot1188 for the tip!]
Microsoft Store hacked in India, passwords stored in plain text
Frequenters of India's online Microsoft Store were briefly greeted with the suspicious visage of a Guy Fawkes mask this morning, following a hack that compromised the site's user database. According to WPSauce, Microsoft Store India's landing page was briefly taken over by a hacker group called Evil Shadow Team, who, in addition to putting a new face on Windows products, revealed that user passwords were saved in plain text. The group's motivations are unknown, though the hacked page warned that an "unsafe system will be baptized." The store is now offline, suggesting that Microsoft may have regained control. Read on for a look at the compromised password database.[Thanks to everyone who sent this in]
Oops! Motorola sold refurbished Xooms without deleting previous owners' data
Usually, when passwords and personal information are exposed, it's because someone hacked a company's not-so-secure system. Motorola, however, managed to put people's info at risk without such malfeasance when it failed to wipe the memory of a batch of refurbished Xooms. The tablets in question were sold by Woot.com between October and December of last year, and Moto is claiming that it made the mistake on only small number of slates. Of course, we don't know exactly how many Xooms were shipped with previous owners' data onboard, but we do know that the company is actively attempting to make amends. Moto's offering two years of Experian identification protection services to those whose info was exposed and owners of affected Xooms are getting a little something too. Just send the device back to Motorola on the company's dime -- where it'll be properly reset and sent back to you, along with a $100 American Express gift card for your efforts. Wondering if you're among the unlucky? Hit the PR after the break for more info, and those with Wooted Xooms can plug in their slate's serial number at the source link below to find out for sure.[Thanks, Scott]
VeriSign revealed to have suffered repeated security breaches in 2010
It took some digging through more than 2,000 pages of SEC documents, but Reuters revealed today that VeriSign was attacked "repeatedly" by hackers in 2010, and that some undisclosed information was stolen from the company. The key danger there is the DNS records that the company manages -- which ensure that URLs take you to the correct website -- but VeriSign says that its executives "do not believe these attacks breached the servers that support our Domain Name System network." As Reuters notes, however, the company isn't ruling anything out. Details on the attacks themselves (or the exact number and timing of them) are otherwise hard to come by, but it's reported that VeriSign's security staff did not notify top management until September of 2011 -- although they are said to have "responded" to the attacks themselves.
Chinese hackers target U.S. Chamber of Commerce, sensitive data stolen
According to sources close to The Wall Street Journal, Chinese hackers are at it again, this time hitting the U.S. Chamber of Commerce and capturing information from three million members. Those familiar with the matter told the WSJ that hackers stole around six weeks worth of emails regarding Asian policy, but may have had access to sensitive correspondences for as long as a year. The Chamber only learned it was under attack when the FBI sent an alert that servers in China were stealing information, although the exact amount of data stolen is unknown. After confirming the breach, the Chamber shut down and destroyed parts of its computer network, proceeding to revamp its security system over a 36-hour period. Unfortunately, this isn't the first time the U.S. of A has fallen victim to Chinese hackers, as both Google and NASA have experienced breaches over the past few years. The Chamber is currently investigating the attack, hoping to find some digital clues that might reveal the details of who done it and why.
Trion Worlds customer database hacked, 'no evidence' credit card info stolen
Trion Worlds has become the latest in a long string of MMO studio security breaches this year, as the company reported an intrusion into its customer database. At risk of compromise were customers' user names, passwords, birthdates, email and billing addresses, and partial credit card info. However, the company states that "there is no evidence" that full credit card numbers were stolen at this time. In a message posted on the Trion Worlds website, the company promises that it is both researching the intrusion and taking steps to increase security. As part of this, all RIFT players will be asked to change passwords and security questions, and their mobile authenticators will need to be reconnected. The company urges customers to watch their bank statements for questionable activity, and provides customers with resources to get a free credit report and putting a freeze on credit reports. To compensate customers for the issue, Trion is providing all RIFT players with three extra days of gaming time and a Moneybags' Purse that increases all money looted by 10% in-game. [Thanks to everyone who sent this in!]
Square-Enix says no user info stolen during security breach
A week ago we reported that Square-Enix's Members site, a loyalty program for fans of the studio's games, suffered an unwarranted intrusion and was subsequently taken offline as the company conducted an investigation. It turns out that the best possible outcome of this investigation has occurred, as no personal information was stolen. Subsequently, the company plans to bring its Japanese and North American websites back online by the end of the month. Square-Enix posted the following notice as an update: As a result of our continuing investigation, we have now confirmed that the database in which we store personal information was NOT accessed during the recent server intrusion. Therefore, your personal information was NOT compromised by an unknown third party. Square-Enix is planning to restart the Square Enix Members service by the end of December. Details of the schedule will be announced at a later date. We deeply regret any inconvenience this may have caused our customers and fans, and appreciate your patience.
